My name is Matt Mulcahy.
I am the Director of Business Development at ProSource.
And today I wanted to touch on Microsoft
365 and some of the misconceptions
around the responsibilities when using the service.
As a Microsoft Partner,
pretty much all of our customers are using the Microsoft 365 ecosystem.
We do believe it is the best and unrivaled
platform to run your business on from a technology standpoint.
But there are some pitfalls that you have to be aware of as a business owner
when using that platform.
And what I have up on my screen
here is the shared responsibility model from Microsoft.
So what we see is a big misconception
is that, hey, my data is in the cloud.
My data is hosted by Microsoft.
So they’re handling all of it.
It’s safe, it’s secure.
It’s backed up. And that’s not true.
When you look
at this division of responsibility, you’ll notice the first three rows here
— 1) Information and data, 2) Devices, and 3) Accounts and identities
— are always the responsibility of the customer.
What that means is that you’re on the hook for all of that.
That is not made readily aware.
As you can see, I’m on, you know, a deep TechNet article
within the Microsoft Knowledge Base is where they house this type of stuff.
And it’s not necessarily top of mind
and they don’t make it well known when using the service.
So making sure these three items
are addressed by your IT team is extremely important.
So the first one is information and data.
What does that mean?
Basically, any of the data in SharePoint, OneDrive —
or wherever any of
that information might be stored within the 365 ecosystem
and its associated apps — is your responsibility to maintain.
So while Microsoft has traditionally had very good
retention and availability,
having an extra layer of security there on the backup side:
backing it up to a private data center, backing it up to your own data center,
backing it up to a storage device in your office.
There’s a lot of ways to maintain that
data, but it’s your responsibility at the end of the day.
That is the number one misconception we see is people assume that Microsoft
is doing this for them. They’re not.
The second one is devices.
It’s pretty obvious hardware, even if you, you know, buy something
direct like a Surface from Microsoft, that’s your responsibility to maintain.
So making sure you have a good asset inventory,
making sure you have good asset management is always going to be on you.
And that’s an easy one. That’s kind of a no-brainer.
And then accounts and identities.
So this is really managing your accounts.
Most of our customers are using Azure AD.
If you have a login to Microsoft, you’re using Azure AD,
whether you know it or not.
So making sure you have a good understanding of those accounts
and making sure you have an export just to have historical data.
And if something catastrophic were to happen,
you have something to reference
to rebuild those accounts and identities is very important.
As you go down further in this matrix, you can see the responsibility begins
to either be split or completely owned by Microsoft,
and that’s what we’re talking about, the infrastructure primarily.
So you’re using Azure, obviously, they’re providing you
all of the networking, they’re providing you the physical hosts,
and that’s where you’re really getting the value from Microsoft.
But what they’re not doing for you is maintaining your information and data.
They’re not owners of your devices, and they’re definitely not owning
your accounts and identities.
Those are the three core things you have to be thinking about and have
continuity plans around when working with Microsoft.
If you have any other questions about how we ensure data, devices,
and accounts identities are maintained beyond Microsoft, feel free to reach out.
Our contact information’s at the bottom of this video.
And once again, thanks so much for watching. Have a great day.